Log - 64691dc3fc8e1c42c22edc7676ece91d0b9f366c - security/mbedtls

64691dc Let ssl-opt.sh gracefully fail is SSL_MAX_CONTENT_LEN is not 16384 by Hanno Becker · 7 years ago
b658ee6 Adapt ChangeLog by Hanno Becker · 7 years ago
a360411 Fixed SIGSEGV problem when writing with ssl_write_real a buffer that is over MBEDTLS_SSL_MAX_CONTENT_LEN bytes by Florin · 7 years ago
e298c8b Correct typo by Hanno Becker · 7 years ago
0d885d3 Add expected number of fragments to 16384-byte packet tests by Hanno Becker · 7 years ago
2fabe5f Add tests for messages beyond 16384 bytes to ssl-opt.sh by Hanno Becker · 7 years ago
0560778 Add missing test-dependencies for MBEDTLS_SSL_MAX_FRAGMENT_LENGTH by Hanno Becker · 7 years ago
1a662eb Allow requests of size larger than 16384 in ssl_client2 by Hanno Becker · 7 years ago
fe7fd6e Fix typo in asn1.h by Andres Amaya Garcia · 7 years ago
b1d78fc Improve leap year test names in x509parse.data by Andres Amaya Garcia · 7 years ago
bc04113 Correctly handle leap year in x509_date_is_valid() by Andres Amaya Garcia · 8 years ago
5f1dd80 Renegotiation: Add tests for SigAlg ext parsing by Janos Follath · 7 years ago
bac9d4d Parse Signature Algorithm ext when renegotiating by Ron Eldor · 7 years ago
5d39ace Fix changelog for ssl_server2.c usage fix by Simon Butcher · 7 years ago
bd25784 Fix ssl_server2 sample application prompt by Ron Eldor · 7 years ago
72e9ba2 Update ChangeLog for fix to #836 by Simon Butcher · 7 years ago
c7845e5 Enhance documentation of ssl_write_hostname_ext, adapt ChangeLog. by Hanno Becker · 8 years ago
7891da2 Enhance documentation of mbedtls_ssl_set_hostname by Hanno Becker · 8 years ago
b974e98 Add test case calling ssl_set_hostname twice by Hanno Becker · 7 years ago
593b0d3 Make mbedtls_ssl_set_hostname safe to be called multiple times by Hanno Becker · 8 years ago
2823fad Fix typo in configs/README.txt file by Ron Eldor · 7 years ago
1fe5e8a Update version number to 2.1.9 by Simon Butcher · 7 years ago mbedtls-2.1.9
a305083 Fix language in Changelog for clarity by Simon Butcher · 7 years ago
ea27c99 Improve documentation of PKCS1 decryption functions by Simon Butcher · 7 years ago
223f88d Adapt ChangeLog by Hanno Becker · 7 years ago mbedtls-2.1.9-rc1
6ad82d7 Rename time and index parameter to avoid name conflict. by Hanno Becker · 7 years ago
0936201 Correct comment and remove empty line by Hanno Becker · 7 years ago
3948a10 Adapt ChangeLog by Hanno Becker · 7 years ago
66daa68 Reliably zeroize sensitive data in AES sample application by Hanno Becker · 7 years ago
e0c35a6 Reliably zeroize sensitive data in Crypt-and-Hash sample application by Hanno Becker · 7 years ago
246bf69 Fix duplication in Changelog introduced by merge by Simon Butcher · 7 years ago
266f344 Remove the check in ssl-opt.sh for MAX_INTERMEDIATE_CA by Simon Butcher · 7 years ago
d4d70c4 Fix threshold checks for MBEDTLS_X509_MAX_INTERMEDIATE_CA by Simon Butcher · 7 years ago
b585119 Backport 2.1: check if iv is zero in gcm. by Ron Eldor · 7 years ago
eeb1350 Fix typo by Hanno Becker · 7 years ago
88c6f72 Check threshold for MBEDTLS_X509_MAX_INTERMEDIATE_CA in X509 tests by Hanno Becker · 7 years ago
323a222 Improve Readme for long test certificate chains by Hanno Becker · 7 years ago
81cc8f6 Check value of MBEDTLS_X509_MAX_INTERMEDIATE_CA in ssl-opt.sh by Hanno Becker · 7 years ago
58897fb Correct indentation and labelling in ChangeLog by Hanno Becker · 7 years ago
4721831 Fix typos by Janos Follath · 7 years ago
f2269b0 Update doc of return value of verify() by Manuel Pégourié-Gonnard · 7 years ago
71103cb Make test script more portable by Manuel Pégourié-Gonnard · 7 years ago
cdb4dc9 Improve comments by Manuel Pégourié-Gonnard · 7 years ago
8376565 Add ChangeLog entry for the security issue by Manuel Pégourié-Gonnard · 7 years ago
591035d Add SSL tests for long cert chains by Manuel Pégourié-Gonnard · 7 years ago
c386317 Only return VERIFY_FAILED from a single point by Manuel Pégourié-Gonnard · 7 years ago
489939f Improve behaviour on fatal errors by Manuel Pégourié-Gonnard · 7 years ago
4770dbc Add test for limit on intermediate certificates by Manuel Pégourié-Gonnard · 7 years ago
ad6cf99 Add CRT DER tests with incorrect version by Andres AG · 8 years ago
9674a62 Add CRL DER tests with incorrect version by Andres AG · 8 years ago
7ebf632 Add CSR DER tests with incorrect version by Andres AG · 8 years ago
b322be5 Prevent signed integer overflow in CSR parsing by Andres AG · 8 years ago
1f06d9b Fix potential integer overflow parsing DER CRT by Andres AG · 8 years ago
0ff660e Fix potential integer overflow parsing DER CRL by Andres AG · 8 years ago
a886ce3 Backport 2.1: Check rc of mbedtls_mpi_fill_random by Ron Eldor · 8 years ago
0fb3e0a Backport: Resource leak fix on windows platform by Ron Eldor · 8 years ago
ee709f4 Backport 2.1: Wrong preproccessor condition fix by Ron Eldor · 8 years ago
5ff277e Backport 2.1: check if iv is zero in gcm. by Ron Eldor · 7 years ago
a905bdc Minor: Fix typo in program comments by Ron Eldor · 7 years ago
cea8b53 Improve documentation of PKCS1 decryption functions by Hanno Becker · 7 years ago
fbb9837 Update the version number to 2.1.8 by Simon Butcher · 7 years ago mbedtls-2.1.8
499391a Undo API change by Hanno Becker · 7 years ago
3fb1cc3 Improve Changelog by Janos Follath · 7 years ago
bff0316 Merge branch 'mbedtls-2.1' into mbedtls-2.1-restricted by Manuel Pégourié-Gonnard · 7 years ago
d690189 Merge remote-tracking branch 'hanno/remove_format_qualifier_backport-2.1' into mbedtls-2.1 by Manuel Pégourié-Gonnard · 7 years ago
46a1629 Remove %zu format string from ssl_client2 and ssl_server2 by Hanno Becker · 7 years ago
89930b3 Merge remote-tracking branch 'restricted/iotssl-1398_backport-2.1' into mbedtls-2.1-restricted by Manuel Pégourié-Gonnard · 7 years ago
43df7e6 Merge near-duplicate ChangeLog entries by Manuel Pégourié-Gonnard · 7 years ago
88647ac Add ChangeLog entry by Hanno Becker · 7 years ago
cc01908 Ensure application data records are not kept when fully processed by Hanno Becker · 7 years ago
e235672 ChangeLog cosmetics by Manuel Pégourié-Gonnard · 7 years ago
1defa8f Merge remote-tracking branch 'restricted/iotssl-1138-rsa-padding-check-2.1-restricted' into mbedtls-2.1-restricted by Manuel Pégourié-Gonnard · 7 years ago
63906d9 Merge remote-tracking branch 'restricted/IOTSSL-1366/mbedtls-2.1' into mbedtls-2.1-restricted by Manuel Pégourié-Gonnard · 7 years ago
640edc7 Merge remote-tracking branch 'hanno/mpi_read_file_underflow_backport-2.1' into mbedtls-2.1 by Manuel Pégourié-Gonnard · 7 years ago
ebe391d Merge remote-tracking branch 'hanno/sliding_exponentiation_backport-2.1' into mbedtls-2.1 by Manuel Pégourié-Gonnard · 7 years ago
5539366 Fix issue in testing SHA-1 compile-time option by Manuel Pégourié-Gonnard · 7 years ago
bfbc494 Add hard assertion to mbedtls_ssl_read_record_layer by Hanno Becker · 7 years ago
6a582e8 Fix mbedtls_ssl_read by Hanno Becker · 7 years ago
704f493 Simplify retaining of messages for future processing by Hanno Becker · 7 years ago
431c2af Merge remote-tracking branch 'janos/mbedtls-2.1-iotssl-1156-ecdsa-sample-and-doc-clarification' into mbedtls-2.1 by Manuel Pégourié-Gonnard · 7 years ago
a9a65c8 Merge remote-tracking branch 'hanno/iotssl-1341-optional-certificate-verification-needs-ca-chain-backport-2.1' into mbedtls-2.1 by Manuel Pégourié-Gonnard · 7 years ago
5ad6789 Clarify the use of ECDSA API by Janos Follath · 8 years ago
61c0c70 Add tests for missing CA chains and bad curves. by Hanno Becker · 7 years ago
a3929ba Fix implementation of VERIFY_OPTIONAL verification mode by Hanno Becker · 7 years ago
b55f613 Merge remote-tracking branch 'gilles/iotssl-1223/mbedtls-2.1' into mbedtls-2.1 by Manuel Pégourié-Gonnard · 7 years ago
5e0144f Fix bug in backport from SHA-1 blacklisting by Manuel Pégourié-Gonnard · 7 years ago
aa85950 Merge branch 'sha1-2.1' into mbedtls-2.1 by Manuel Pégourié-Gonnard · 7 years ago
c4cb493 Cleaned up negative test predicate for test case by Gilles Peskine · 7 years ago
b49351d all.sh: test with SHA-1 enabled by Gilles Peskine · 7 years ago
7344e1b SHA-1 deprecation: allow it in key exchange by Gilles Peskine · 7 years ago
db56aca Allow SHA-1 in server tests, when the signature_algorithm extension is not used by Gilles Peskine · 7 years ago
9bb4f28 Document test data makefile by Gilles Peskine · 7 years ago
e7375ef X.509 tests: obey compile-time SHA-1 support option by Gilles Peskine · 7 years ago
35db5ba Allow SHA-1 in test scripts by Gilles Peskine · 7 years ago
ae76599 Test that SHA-1 defaults off by Gilles Peskine · 7 years ago
12c1954 Allow SHA-1 in SSL renegotiation tests by Gilles Peskine · 7 years ago
559674c Test that X.509 verification rejects SHA-256 by default by Gilles Peskine · 7 years ago
dd57d75 Allow SHA-1 in X.509 and TLS tests by Gilles Peskine · 7 years ago
5877c27 X.509 self-tests: replaced SHA-1 certificates by SHA-256 by Gilles Peskine · 7 years ago
83ed596 Added SHA256 test certificates by Gilles Peskine · 7 years ago